Introduction
I have a read a few blog posts on uploading old VMs to Azure. Some of the blog posts make it look like it is a very simple process. However, the comments to the posts often describe a failure and request additional details. I’m going to post the details about my experience. I will also provide some explanation on where I ran into some problems and explain what I do to resolve them.
This is part one of a two part blog posting. Part one ends with the conversion of a Windows 2003 VMWare VM to a Hyper-V VHD disk. Part two provides the details to upload the VHD disk to Azure and create a VM there. Then I run the Domino server on the VM and test connecting to it with a web browser and a Notes client.
Note: I provide an abundance of details with screenshots.
My Current VMWare VM
I have an old Windows 2003 Server running in a VMWare Workstation VM. I used to run a SharePoint 2010 Server on it; but now I use it to run a Domino R8.5 Server. I suspect that a lot of organizations have Domino Servers running on Windows 2003 Servers. The preparation steps would be slightly different if they upgraded their Windows 2003 Server to Windows 2008 or 2012. The differences would be with the configuration of remote access on the server.
I want to upload the Windows 2003 Server to an Azure VM. It has a 40GB disk drive with 7GB of free disk space. It is running a 32-bit version of Windows 2003 Server with Service Pack 2 installed. I know that Azure provides best effort support only for running Windows 2003 servers – both 32-bit and 64-bit.
Below you can see a screenshot of the System Properties of my Windows 2003 Server.
I know that I can upload both generalized and specialized VHDs to Azure. Each type requires that you prepare the VM before starting. I want to create a specialized VM.
Generalized VHD – a generalized VHD has had all of your personal account information removed using Sysprep. If you intend to use the VHD as an image to create new VMs from, you should:
Specialized VHD – a specialized VHD maintains the user accounts, applications and other state data from your original VM. If you intend to use the VHD as-is to create a new VM, ensure the following steps are completed.
- Prepare a Windows VHD to upload to Azure.
- Do not generalize the VM using Sysprep.
- Remove any guest virtualization tools and agents that are installed on the VM (i.e. VMware tools).
- Ensure the VM is configured to pull its IP address and DNS settings via DHCP. This ensures that the server obtains an IP address within the VNet when it starts up.
Create a Clone
I make sure that my Windows 2003 Server VM is shut down. Then I create a clone of my Windows 2003 Server VM.
The Welcome Screen appears. I click Next to continue.
The Clone Source screen appears. I accept the current settings and click Next to continue.
The Clone Type screen appears. I select Create a full clone and click Next to continue.
The Clone Name screen appears. I update the name and click Finish to continue.
The cloning process begins.
The final screen appears and I click Close.
Preparing the VM
I power on the cloned VM.
I often get this error displayed; but it never seems to be a problem. I click OK to continue.
I check the VMWare VM Network Configuration.
I changed the setting to obtain an IP address automatically. This is the right configuration; but it won’t really matter since I lose the network adapter when I convert to a Hyper-V disk drive.
I clicked OK.
Windows Management Core Package
I want to check that I have installed the Windows Management Core Package installed on my Windows 2003 Server.
I run PowerShell. I happen to have it on my desktop.
I double-click on the icon and PowerShell starts. It looks like I have v1.0 installed.
The package I want to download contains PowerShell 2.0.
I can download the package from here: http://www.microsoft.com/en-us/download/details.aspx?id=4045
I click on Download.
I have to click on click here to download manually.
But that still does not download the file.
I know that the URL to the file is https://download.microsoft.com/download/1/1/7/117FB25C-BB2D-41E1-B01E-0FEB0BC72C30/WindowsServer2003-KB968930-x86-ENG.exe
I return to my PowerShell window.
I copy and paste the following commands:
$path = “C:\download\WindowsServer2003-KB968930-x86-ENG.exe”
# param([string]$url, [string]$path)
if(!(Split-Path -parent $path) -or !(Test-Path -pathType Container (Split-Path -parent $path))) {
$path = Join-Path $pwd (Split-Path -leaf $path)
}
“Downloading [$url]`nSaving at [$path]”
$client = new-object System.Net.WebClient
$client.DownloadFile($url, $path)
#$client.DownloadData($url, $path)
$path
Note that I removed the “s” in https://.
I confirmed that I have a download folder on the C: drive.
I hit Enter. The file downloads.
I run the file in C:\download.
Good news! I already have the Core installed!
Run Windows Update
I also checked Windows Update in Internet Explorer to see if I was missing an update.
I have not updated this server in almost 10 years. It is taking a long time to check!
I expect this to be the situation for most companies, too.
But I know that a process is running. I checked Windows Task Manager.
The process completes almost an hour later.
I will install the first updates.
I click on Review and install updates.
Then I click on Install Updates.
The installation completes and I click on Restart Now.
The Windows 2003 Server restarts.
I check Windows Update again. This time I will install all high-priority updates. There are 169 updates to apply. I expect this to take an hour or more.
Note: Update 17 required me to install Internet Explorer 8. I had to click on some dialog boxes.
I restart the VM after the installation completes.
Set Windows configurations for Azure
On the virtual machine you plan to upload to Azure, run all the following commands from the command prompt window with administrative privileges. In this case, I run as Administrator.
Change to the C:\windows\system32 directory.
Remove any static persistent route on the routing table:
To view the route table, run route print from the command prompt window.
Check the Persistence Routes sections. If there is a persistent route, use route delete to remove it. The VM has none because I changed the IP settings to obtain an IP address automatically.
Remove the WinHTTP proxy:
netsh winhttp reset proxy
Set the disk SAN policy to Onlineall.
diskpart
san policy=onlineall
exit
Set Coordinated Universal Time (UTC) time for Windows and the startup type of the Windows Time (w32time) service to Automatically:
REG ADD HKLM\SYSTEM\CurrentControlSet\Control\TimeZoneInformation /v RealTimeIsUniversal /t REG_DWORD /d 1
Enter Yes and hit Enter
sc config w32time start= auto
Set services startup to Windows default values
Make sure that each of the following Windows services is set to the Windows default values. To reset the startup settings, run the following commands:
sc config bfe start= auto
sc config dcomlaunch start= auto
sc config dhcp start= auto
sc config dnscache start= auto
sc config IKEEXT start= auto
sc config iphlpsvc start= auto
sc config PolicyAgent start= demand
sc config LSM start= auto
sc config netlogon start= demand
sc config netman start= demand
sc config NcaSvc start= demand
sc config netprofm start= demand
sc config NlaSvc start= auto
sc config nsi start= auto
sc config RpcSs start= auto
sc config RpcEptMapper start= auto
sc config termService start= demand
sc config MpsSvc start= auto
sc config WinHttpAutoProxySvc start= demand
sc config LanmanWorkstation start= auto
sc config RemoteRegistry start= auto
I saw multiple messages stating that the specified service does not exist; but I continued with the process.
Update Remote Desktop registry settings
If there are any self-signed certificates tied to the Remote Desktop Protocol (RDP) listener, remove them:
REG DELETE “HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\SSLCertificateSHA1Hash”
This registry key did not exist on my VM.
For more information about configuring certificates for RDP listener, see Listener Certificate Configurations in Windows Server
Configure the KeepAlive values for RDP service:
REG ADD “HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services” /v KeepAliveEnable /t REG_DWORD /d 1 /fREG ADD “HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services” /v KeepAliveInterval /t REG_DWORD /d 1 /fREG ADD “HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp” /v KeepAliveTimeout /t REG_DWORD /d 1 /f
Configure the authentication mode for the RDP service:
REG ADD “HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp” /v UserAuthentication /t REG_DWORD /d 1 /fREG ADD “HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp” /v SecurityLayer /t REG_DWORD /d 1 /fREG ADD “HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp” /v fAllowSecProtocolNegotiation /t REG_DWORD /d 1 /f
Enable RDP service by adding the following subkeys to the registry:
REG ADD “HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f
Configure Windows Firewall rules
The steps for later versions of Windows server are very different because of a new and improved version of Windows Firewall. It is relatively easy on a Windows 2003 Server.
First, I confirmed that Windows Firewall was on.
I made sure that the Remote Desktop setting in Windows Firewall on my Windows 2003 server is set to TCP 3389 with Scope set to “Any”.
Run PowerShell as an administrator.
Run the following command in PowerShell to allow WinRM through the firewall and enable PowerShell Remote service.
Enable-PSRemoting –force
Verify VM is healthy, secure, and accessible with RDP
I do not have a way to confirm that the Windows Management Instrumentation (WMI) repository is consistent. That is, there is no command that I can run on Windows 2003 Server. If the repository is corrupted, see the blog post WMI: Repository Corruption, or Not?
I cannot run the bcdedit commands to set the Boot Configuration Data (BCD). I am listing them below so that you know what they are.
bcdedit /set {bootmgr} integrityservices enable
bcdedit /set {default} device partition=C:
bcdedit /set {default} integrityservices enable
bcdedit /set {default} recoveryenabled Off
bcdedit /set {default} osdevice partition=C:
bcdedit /set {default} bootstatuspolicy IgnoreAllFailures
Remove any extra Transport Driver Interface filters, such as software that analyzes TCP packets.
To make sure the disk is healthy and consistent, run the CHKDSK /f command in the command prompt window. Type “Y” to schedule the check and restart the VM.
Uninstall any other third-party software and driver related to physical components or any other virtualization technology.
I uninstall the VMWare Tools. I restart the VM as required.
Note: This is likely where I lose my network adapter since it is a VMWare network adapter.
I click Cancel when the Found New Hardware Wizard appears.
Regardless, a new device was installed. I click Yes to restart my VM again.
Make sure that a third-party application is not using Port 3389. This port is used for the RDP service in Azure. You can run netstat -anob in the command prompt window to see the ports that are used by the applications.
It looks like TermService (svchost.exe) is using Port 3389. This is the Remote Desktop Service.
If the Windows VHD that you want to upload is a domain controller, follow these extra steps to prepare the disk.
Reboot the VM to make sure that Windows is still healthy and can be reached by using the RDP connection.
I check that my Administrator account has the right to logon onto the server via Remote Desktop.
I will add my Administrator account.
I click Add User or Group. I enter Administrator and click on Check Names.
I click OK to continue. The Administrator name appears in the list.
I click OK to continue.
I am certain that I have no network connection in the VM now. Later I will use Hyper-V Integration Services to enable network connectivity.
Shut down the VM!
Convert the VMWare VMDK to Hyper-V VHD
Microsoft offers a VMWare VM conversion kit: http://www.microsoft.com/en-us/download/details.aspx?id=42497
I tried this kit; but afterwards I was unable to connect to the VM on Azure using RDP. I think it is because I lost the VMWare VM network adapter. Maybe the conversion kit works; but I need to run the converted VHD file in Hyper-V and add a network adapter. That is what I am doing next; but using a different tool for the conversion from VMWare to VHD.
Convert the VMWare VMDK to Virtual PC VM
I still do not have a network adapter in the VMWare VM. I will add one later.
I downloaded and install StarWind V2V Converter 8.0.167. StarWind Software V2V Image Converter is a virtual machine conversion utility. The package can convert many existing virtual machine formats to others.
I convert the VMWare Workstation VM disk to a Virtual PC pre-allocated image. The series of screenshots that follow show the steps that I followed.
I have successfully converted my VMWare VM to a MS Virtual PC VM.
Enable Hyper-V
My current setup does not have Hyper-V configured. However, I do have Windows 10 Pro installed with Intel(R) Core(TM) i7-3840QM CPU @ 2.80GHz processors. So I am able configure Hyper-V.
I have to configure my Windows 10 computer to support Hyper-V and Virtual PC. I followed the steps in the following blog posts:
https://www.groovypost.com/howto/create-virtual-machine-windows-10-hyper-v/
https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v
More information on Hyper-V running on Windows 10:
https://www.tenforums.com/tutorials/2087-hyper-v-virtualization-setup-use-windows-10-a.html
Hyper-V Manager
For more information on Hyper-V running on Windows 10:
https://www.tenforums.com/tutorials/2087-hyper-v-virtualization-setup-use-windows-10-a.html
I run Hyper-V Manager.
First, I create a virtual switch connected to the External network. See the steps documented in Part Three in the URL above.
Second, I create a new VM.
Assign 3032MB of memory (or however much you need to allocate). It may change when you select your Azure VM series.
MISSING A SCREEN HERE
I chose the virtual switch for my network configuration that I created as a first step.
New VM appears in Hyper-V Manager
Start the VM
It is running, but needs a network connection.
Installing a Network Adapter
Map the CD drive to vmguest-HyperV.iso. If you do not have the file, you have to find it somewhere on the Internet.
Click OK to upgrade the HAL.
Installation starts
Click Yes to restart
Installation continues after reboot and logging in
Click Yes to restart
After restart, additional settings are applied.
Finally, I have a Local Area Connection again! The Microsoft Hyper-V Network Adapter is installed.
Shut down the VM!
That concludes this blog post. Part two of this two part blog posting will continue with uploading the VHD to Azure.
hi I have all the updates in my Windows 2003 R2 x32 but I get no ping or RDP, W2003 loads OK, I see the login Window but no way to connect any idea? thanks
https://social.msdn.microsoft.com/Forums/azure/en-US/bb6d956a-2b4c-475e-b495-617518061e86/migrating-windows-server-2003-r2-to-azure?forum=WAVirtualMachinesforWindows
I have very detailed steps to show what worked for me. I tried several times until I found the right order of steps to make this work. Previously I tried following some very simple steps that I found in other blog posts; but they did not work.
So you have to review your steps and compare them to what I did.
Did you specify a Generation 1 VM in VMWare?
Do you have the Microsoft Hyper-V Network Adapter installed?
Same problem here, created new Windows 2003 virtual machine does not answer in Azure, tried also with a Hyper-V network adapter and with a legacy Intel network adapter. I can still see the health login window in the boot diagnostics. But no any network traffic (actually some random outbound traffic, but only few). Generation 1 in Hyper-V. Enabled also a serial port in the OS level, but Azure serial console connect does not give a login prompt. Microsoft maybe have changed something. I opened a ticket, first Microsoft answered that they do not offer Windows 2003 support, so I had to tell them that they still support Azure deployments. Microsoft finally agreed. Now waiting their help, one guy should call me tomorrow.
Did the VM run properly in Hyper-V?
I have a script in part two of the blog post. It creates the new VM and defines the subnet. I also create a network security group (nsg) and open ports in the nsg. Note that I opened ports on the VM before I moved the disk to to Azure blob storage.
I also create a public IP address and NIC.
Eventually I could use RDP.
This took me a few tries to get right, too. That’s why I documented each step with pictures.
Yes, the VM was running properly in Hyper-V. It was a clean 32bit Windows 2003 installation (not R2). SP2 and updates installed. After Azure preparations I uploaded this fixed size VHD to Azure blob storage and created a managed disk. I finally set Windows Firewall also off (before it was enabled with RDP/ICMP/sharing inbounds ports open). Tried also a public IP address and RDP open from the Internet in the NSG, did not help (NSG default VNet rule allows the internal traffic ). Azure monitoring shows that VM does not generate any network traffic. Troubleshooting is difficult because Windows 2003 VM does not support Azure extensions.
My best guess is that networking is not functioning properly on the VM. But you probably knew that already. I experienced the same situation. The network traffic was flowing properly after I fixed the VM and uploaded it again. I remember checking that the ports were open on the VM and then testing from the host OS.
HYPER-V WITH WINDOWS 10 DONT HAVE THE RIGHT INTEGRATION SERVICE FOR WINDOWS SERVER 2003. HYPER-V MUST RUN ON A WINDOWS SERVER 2008 MACHINE
YOU NEED TO INSTALL HYPER-V ON A WINDOWS SERVER 2008 R2 MACHINE. THAN INSTALL THE HYPER-V INTERGRATION SERVICES ON THE VM.AFTER THAT YOU WOULD BE ABLE TO ACCESS IT.